---
# Configuration for Mailman 3
# PostgreSQL initialization must have been done already


#
# SELinux
# TODO: switch to the sefcontext module when we update Ansible to 2.2+
#
- name: install semanage
  package: name=policycoreutils-python state=present
  tags:
  - mailman
  - selinux

- name: set the SELinux policy for the configuration directory
  command: semanage fcontext -a -t etc_t "{{ mailman_webui_confdir }}(/.*)?"
  tags:
  - mailman
  - selinux

- name: set the SELinux policy for the fulltext index
  command: semanage fcontext -a -t httpd_sys_rw_content_t "{{ mailman_webui_basedir }}/fulltext_index(/.*)?"
  tags:
  - mailman
  - selinux

- name: set the SELinux policy for the static files directory
  command: semanage fcontext -a -t httpd_sys_content_t "{{ mailman_webui_basedir }}/static(/.*)?"
  tags:
  - mailman
  - selinux

- name: set the SELinux policy for the templates override directory
  command: semanage fcontext -a -t httpd_sys_content_t "{{ mailman_webui_basedir }}/templates(/.*)?"
  tags:
  - mailman
  - selinux

- name: set the SELinux policy for the log directory
  command: semanage fcontext -a -t httpd_log_t "/var/log/hyperkitty(/.*)?"
  tags:
  - mailman
  - selinux

- name: set the SELinux policy for the generated postfix databases
  command: semanage fcontext -a -t etc_aliases_t "{{ mailman_webui_basedir }}/var/data/postfix_.*"
  tags:
  - mailman
  - selinux

- name: set the SELinux policy for the old static archives
  command: semanage fcontext -a -t httpd_sys_content_t "{{ mailman_webui_basedir }}/old-archives/pipermail(/.*)?"
  tags:
  - mailman
  - selinux

- name: allow Apache to remotely connect to PostgreSQL
  seboolean: name=httpd_can_network_connect_db state=yes persistent=yes
  tags:
  - mailman
  - selinux

- name: allow Apache to remotely connect to Mailman
  seboolean: name=httpd_can_network_connect state=yes persistent=yes
  tags:
  - mailman
  - selinux

- name: allow Apache to remotely connect to Memcached
  seboolean: name=httpd_can_network_memcache state=yes persistent=yes
  tags:
  - mailman
  - selinux


#
# Packages
#
- name: setup the hyperkitty repo
  copy: src={{item}} dest=/etc/yum.repos.d/hyperkitty.repo
  with_first_found:
  - hyperkitty.{{ansible_hostname}}.repo
  - hyperkitty.{{ansible_distribution}}.repo
  - hyperkitty.repo
  tags: mailman

- name: install GPG to validate the key
  package: state=present name=gnupg
  tags: mailman

- name: add the GPG key
  rpm_key: state=present key=https://repos.fedorapeople.org/repos/abompard/abompard.asc
  tags: mailman

- name: install needed packages
  package: name={{ item }} state=present
  with_items:
  - python-psycopg2
  - python34-psycopg2
  - hyperkitty
  - hyperkitty-selinux
  - postorius
  - memcached
  - python-pylibmc
  - python-django-haystack-xapian
  - yum-plugin-post-transaction-actions
  # to run the test suite:
  - python-beautifulsoup4
  - python-mock
  - python-whoosh
  - python-tox
  - python-vcrpy
  # scripts
  - python34-PyYAML
  # mailman soft dep to convert html to plaintext
  - lynx
  tags:
  - packages
  - mailman

- name: setup the mailman3-fedmsg repo
  copy: src=mailman3-fedmsg-plugin.RedHat.repo
        dest=/etc/yum.repos.d/mailman3-fedmsg-plugin.repo
  when: ansible_distribution == 'RedHat'
  tags: mailman

- name: add the GPG key for the mailman3-fedmsg-plugin repo
  rpm_key: state=present key=https://copr-be.cloud.fedoraproject.org/results/ralph/fedmsg-python34/pubkey.gpg
  when: ansible_distribution == 'RedHat'
  tags: mailman

- name: install the mailman3 fedmsg plugin rpm
  package: name=mailman3-fedmsg-plugin
  notify: restart mailman3
  when: ansible_distribution == 'RedHat'
  tags: mailman

- name: copy in our fedmsg-plugin conf file
  copy: src=fedmsg-plugin-conf.py dest=/etc/fedmsg.d/fedmsg-plugin-conf.py
  tags:
  - fedmsgdconfig
  - mailman
  notify: restart mailman3

- name: install packages when not using source extracts
  when: ansible_hostname != "lists-dev.cloud.fedoraproject.org"
  package: name={{ item }} state=present
  with_items:
  - mailman3
  - mailman3-selinux
  - mailman3-hyperkitty
  tags:
  - packages
  - mailman


#
# Initialize mailman (must be done after settings up the DBs)
#
#- name: add mailman to the apache group
#  user: name=mailman groups=apache append=yes
#  tags:
#  - config
#  - mailman
#  #notify:
#  #  - restart mailman3

# access to the aliases files generated by mailman
- name: add postfix to the mailman group
  user: name=postfix groups=mailman append=yes
  tags:
  - config
  - mailman
  notify:
    - restart postfix

## for access to the full-text index
#- name: add apache to the mailman group
#  user: name=apache groups=mailman append=yes
#  tags:
#  - config
#  - mailman
#  notify:
#    - reload httpd

- name: set the mailman conffile
  template: src={{ item }} dest=/etc/mailman.cfg
            owner=root group=mailman mode=0640
  with_first_found:
  - mailman.cfg.{{ ansible_hostname }}.j2
  - mailman.cfg.j2
  tags:
  - config
  - mailman
  notify:
    - restart mailman3


#
# Crontab
#
- name: set the hyperkitty crontab
  template: src=crontab-webui.j2 dest=/etc/cron.d/hyperkitty
  tags:
  - config
  - mailman
- name: set the mailman crontab
  template: src=crontab-mailman3.j2 dest=/etc/cron.d/mailman3
  tags:
  - config
  - mailman

#
# Logging
#
- name: hyperkitty logging -- directory
  file: path=/var/log/hyperkitty state=directory
        owner=root group=apache mode=2775
  tags: mailman
- name: hyperkitty logging -- file creation
  copy: content="" dest=/var/log/hyperkitty/hyperkitty.log
        force=no
  tags: mailman
- name: hyperkitty logging -- file permissions
  file: path=/var/log/hyperkitty/hyperkitty.log state=file
        owner=root group=apache mode=664
  tags: mailman
- name: hyperkitty logging -- rotation
  copy: src=hyperkitty.logrotate.conf
        dest=/etc/logrotate.d/hyperkitty
  tags: mailman


#
# HyperKitty + Postorius setup
#

- name: create the configuration directory
  file: path={{ mailman_webui_confdir }} state=directory
  tags: mailman

- name: install the hyperkitty settings file
  template: src=settings.py.j2
            dest="{{ mailman_webui_confdir }}/settings.py"
            owner=root group=apache mode=0640
  tags:
  - config
  - mailman
  notify:
    - reload apache
    #- restart mailman3

- name: install the hyperkitty settings admin file
  template: src=settings_admin.py.j2
            dest="{{ mailman_webui_confdir }}/settings_admin.py"
            owner=root group=root mode=0600
  tags:
  - config
  - mailman

- name: install the hyperkitty settings test file
  copy: src=settings_test.py
            dest="{{ mailman_webui_confdir }}/settings_test.py"
            owner=root group=root mode=0644
  tags:
  - config
  - mailman

- name: install the fedora-specific modules
  copy: src={{ item }}.py
        dest="{{ mailman_webui_confdir }}/{{ item }}.py"
        owner=root group=root mode=0644
  with_items:
  - django_fedora
  - django_fedora_nosignup
  tags:
  - config
  - mailman
  notify:
    - reload apache

- name: install the hyperkitty urls file
  copy: src=urls.py
        dest="{{ mailman_webui_confdir }}/urls.py"
        owner=root group=root mode=0644
  tags:
  - config
  - mailman
  notify:
    - reload apache

- name: install the hyperkitty wsgi file
  copy: src=webui.wsgi
        dest="{{ mailman_webui_confdir }}/webui.wsgi"
        owner=root group=root mode=0644
  tags:
  - config
  - mailman
  notify:
    - reload apache

- name: install the hyperkitty/postorius dummy httpd conf file
  template: src=apache-dummy.conf.j2
            dest=/etc/httpd/conf.d/{{ item }}.conf
  with_items:
    - hyperkitty
    - postorius
  tags:
  - config
  - mailman
  notify:
    - reload apache

- name: install the hyperkitty httpd conf file
  template: src=apache.conf.j2
            dest=/etc/httpd/conf.d/mailman-webui.conf
  tags:
  - config
  - mailman
  notify:
    - reload apache

- name: create the fulltext index dir
  file: path="{{ mailman_webui_basedir }}/fulltext_index"
        state=directory owner=apache group=apache mode=0755
  tags: mailman

- name: create the hyperkitty static files dir
  file: path="{{ mailman_webui_basedir }}/static"
        state=directory owner=root group=root mode=0755
  tags: mailman

- name: create the fedora-specific static files dir
  file: path="{{ mailman_webui_basedir }}/static-fedora"
        state=directory owner=root group=root mode=0755
  tags: mailman

- name: create the fedora-specific hyperkitty img dir
  file: path="{{ mailman_webui_basedir }}/static-fedora/hyperkitty/img"
        state=directory owner=root group=root mode=0755
  tags: mailman

- name: create the hyperkitty templates override dir
  file: path="{{ mailman_webui_basedir }}/templates/hyperkitty"
        state=directory owner=root group=root mode=0755
  tags: mailman

- name: install our fedora-specific logo
  copy: src=logo-hyperkitty-fedora.png
        dest="{{ mailman_webui_basedir }}/static-fedora/logo-hyperkitty-fedora.png"
  tags: mailman

- name: install our fedora-specific favicon
  copy: src=favicon.ico
        dest="{{ mailman_webui_basedir }}/static-fedora/favicon.ico"
  tags: mailman

- name: install our fedora-specific robots.txt
  copy: src=robots.txt
        dest="{{ mailman_webui_basedir }}/static-fedora/robots.txt"
  tags: mailman

- name: install our fedora-specific brand template override
  copy: src=navbar-brand.html
        dest="{{ mailman_webui_basedir }}/templates/hyperkitty/navbar-brand.html"
  tags: mailman

- name: install our fedora-specific page headers
  copy: src=headers.html
        dest="{{ mailman_webui_basedir }}/templates/hyperkitty/headers.html"
  tags: mailman

- name: Install our fedmenu js hook
  template: src=bottom.html
            dest="{{mailman_webui_basedir }}/templates/hyperkitty/bottom.html"
  tags: mailman

#
# Plug HyperKitty into Mailman
#
- name: copy the mailman-hyperkitty conffile
  copy: src=mailman-hyperkitty.cfg
        dest="/etc/mailman3.d/hyperkitty.cfg"
        owner=root group=mailman mode=0640
  tags:
  - config
  - mailman
  notify:
    - restart mailman3

#
# Scripts
#
- name: install the migration conffile
  template: src=mailman-migration.conf.j2
            dest=/etc/mailman-migration.conf
            owner=root group=root mode=0644
  tags: mailman

- name: create the scripts dir
  file: path="{{ mailman_webui_basedir }}/bin"
        state=directory owner=root group=root mode=0755
  tags: mailman

- name: install the migration environment
  template: src=mailman-migration-path.sh.j2
            dest=/etc/profile.d/mailman-migration-path.sh
            owner=root group=root mode=0644
  tags: mailman

- name: install the scripts
  copy: src={{ item }} dest="{{ mailman_webui_basedir }}/bin/{{ item }}"
        owner=root group=root mode=0755
  tags: mailman
  with_items:
  - yamlget
  - pg-give-rights.py
  - post-update.sh
  - import-mm2.py
  - periodic.py

- name: install the templatized scripts
  template: src={{ item }}.j2 dest="{{ mailman_webui_basedir }}/bin/{{ item }}"
            owner=root group=root mode=0755
  tags: mailman
  with_items:
  - manage.py

- name: install the staging-sync script
  copy: src=prod-to-stg.py dest="{{ mailman_webui_basedir }}/bin/prod-to-stg.py"
  when: env == "staging"
  tags: mailman

- name: copy the initial user fixture
  template: src=initial-data.json.j2
        dest={{ mailman_webui_basedir }}/config/initial-data.json
        owner=root group=apache mode=0640
  when: inventory_hostname.startswith('mailman01')
  tags: mailman


# Sync databases and collect static files on RPM install/upgrade
- name: install the post-transaction trigger
  template: src=post-transaction.action.j2
            dest=/etc/yum/post-actions/hyperkitty.action
  tags: mailman

# Systemd
- name: install the systemd service files
  template: src={{ item }}.service.j2 dest=/etc/systemd/system/{{ item }}.service
  with_items:
  - webui-qcluster
  - webui-warm-up-cache
  notify:
  - systemctl daemon-reload
  tags:
  - config
  - mailman

#
# Only run this on mailman01 for now.
# TODO: run it on lists-dev too
#

# The post-update scripts needs memcached to be up (django-compressor will
# store the timestamps there)
- name: start services
  service: state=started enabled=yes name=memcached
  tags: mailman

- name: run the post-update script
  command: "{{ mailman_webui_basedir }}/bin/post-update.sh"
  when: inventory_hostname.startswith('mailman01')
  tags: mailman


## Postfix
#- name: create the postfix aliases
#  command: su mailman -s /bin/sh -c "mailman3 aliases"
#           creates=/var/lib/mailman3/data/postfix_lmtp.db


# Memcached
- name: set the memcached sysconfig file
  copy: src=memcached.sysconfig dest=/etc/sysconfig/memcached
  tags: mailman
  notify:
  - restart memcached


# Start services
- name: start services
  service: state=started enabled=yes name={{ item }}
  with_items:
  - httpd
  - mailman3
  - postfix
  - webui-qcluster
  tags: mailman
  when: inventory_hostname.startswith('mailman01.phx2') or inventory_hostname.startswith('lists-dev')

- name: enable one-shot services
  service: enabled=yes name={{ item }}
  with_items:
  - webui-warm-up-cache
  tags: mailman
  when: inventory_hostname.startswith('mailman01.phx2') or inventory_hostname.startswith('lists-dev')
